Term · 10. Account Types

Technical Account TA

IDM/IGA Domain

NHI ISO/IEC OWASP Introduced by: Big4 (Deloitte / PwC / EY / KPMG)

Definition

Generic term for non-human accounts used for system-to-system communication — synonymous with service account in many contexts. Includes service accounts, integration accounts, API accounts, automation accounts. Distinct from human user accounts in lifecycle (no JML), credential type (often API keys vs passwords), and governance model.

Application: Modern IGA platforms include NHI-specific workflows: ownership documentation, automated credential rotation, scoped permissions, usage monitoring. Per OWASP NHI Top 10 risk catalogue.

Related terms

Service Account (SA)

Non-human account used by applications, services, or scheduled tasks to authenticate to other systems. Common categories …
Non-Human Identity (NHI)

Identities for service accounts, API keys, OAuth client secrets, machine certificates, workload identities (AWS IAM role …
Secrets Management (SM)

Centralized lifecycle management of API keys, database passwords, certificates, OAuth client secrets, encryption keys, a …
Secrets Vaulting

Sub-discipline of Secrets Management focused on cryptographically secure storage and retrieval of machine credentials. V …
System user

Account in a system designated for system/service use rather than human use — service accounts, application identities, …
AI Agent Credential Lifecycle Management

Specialised lifecycle workflows for AI agent credentials — provisioning short-lived tokens scoped to specific tasks, rot …

← Back to glossary · Open in main list